CVE-2019-5305

CWE-4153 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 78.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Mate 10 FirmwareHuawei Mate 10
Timeline
PublishedJun 6
Latest updateMay 24

Description

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/mate_10_firmware< alp-l29_9.0.0.159\(c185\)
CVEListV5huawei/mate_10The versions before ALP-L29 9.0.0.159(C185)

🔴Vulnerability Details

2
GHSA
GHSA-jj4j-prxw-rvrr: The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 92022-05-24
CVEList
CVE-2019-5305: The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 92019-06-06
CVE-2019-5305 (MEDIUM CVSS 5.5) | The image processing module of some | cvebase.io